CVE-2025-59968

{"id": "CVE-2025-59968", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 7.7, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-10-09T16:15:46.837", "references": [{"url": "https://supportportal.juniper.net/JSA103157", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.juniper.net/documentation/us/en/software/nm-apps24.1/junos-space-security-director/topics/task/junos-space-metadata-creating.html", "tags": ["Technical Description"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface.\u00a0\n\n\n\n\nTampering with this metadata can result in managed SRX Series devices permitting network traffic that should otherwise be blocked by policy, effectively bypassing intended security controls.\n\n\n\nThis issue affects Junos Space Security Director \n * all versions prior to 24.1R3 Patch V4\n\n\nThis issue does not affect managed cSRX Series devices."}], "lastModified": "2026-01-23T19:59:41.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:juniper:space_security_director:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "089ADA2B-78A6-46F2-9560-B4EC849D394F", "versionEndExcluding": "24.1"}, {"criteria": "cpe:2.3:a:juniper:space_security_director:24.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBDC52A5-EE95-40D7-870C-56AF400E0531"}, {"criteria": "cpe:2.3:a:juniper:space_security_director:24.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C05DBD6-F4E6-4748-BBC9-CB0DF6ED3541"}, {"criteria": "cpe:2.3:a:juniper:space_security_director:24.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B866E017-3B4A-4779-A736-5D68E544E93F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:juniper:vsrx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36F68E75-E6C6-4DB4-AE0E-C5637ECE7C88"}, {"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B"}, {"criteria": "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AE06B18-BFB5-4029-A05D-386CFBFBF683"}, {"criteria": "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48A1DCCD-208C-46D9-8E14-89592B49AB9A"}, {"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A"}, {"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78"}, {"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA"}, {"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5"}, {"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F"}, {"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7"}, {"criteria": "cpe:2.3:h:juniper:srx4120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5942B6E-AFC7-40E4-8007-68C804BD52E3"}, {"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9"}, {"criteria": "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "826F893F-7B06-43B5-8653-A8D9794C052E"}, {"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA"}, {"criteria": "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "462CFD52-D3E2-4F7A-98AC-C589D2420556"}, {"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1"}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}